Sign-on policies

Okta sign-on policies and rules provide a secure and flexible way to control how users authenticate and sign in to their accounts. Password policies, Okta global sign-on policies, and app-specific sign-on policies can be configured.

Each policy type affects various aspects of security such as the type of MFA factors that should be enforced, user password complexity, permitted devices, the level of risk, and allowed locations. Policies consist of rules and conditions that can be further defined for more complex use cases.